If this is your first visit, be sure to
check out the Forum Rules by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Flash Drive of Death!

My mind then moved to pentesting and data exfiltration. What if the flash drive wasnt left by accident? What if it was a Flash Drive a Death loaded with malicious logic! I was also pondering in my head how you could convince an organization to lock down usb ports because of the associated risks just like this. Windows systems have the ability to prohibit the use of storage devices through USB while allowing things like mice and keyboards to work but I see very few companies using it. Perhaps demonstrating a Flash Drive of Death would convince them to lock workstations down a little bit more. [/long story]

I kindof just made up the name flash drive of death but I was wanting to get input from you all what might make a good demonstrative flash drive of death.

My mind then moved to pentesting and data exfiltration. What if the flash drive wasnt left by accident? What if it was a Flash Drive a Death loaded with malicious logic! I was also pondering in my head how you could convince an organization to lock down usb ports because of the associated risks just like this. Windows systems have the ability to prohibit the use of storage devices through USB while allowing things like mice and keyboards to work but I see very few companies using it. Perhaps demonstrating a Flash Drive of Death would convince them to lock workstations down a little bit more. [/long story]

I kindof just made up the name flash drive of death but I was wanting to get input from you all what might make a good demonstrative flash drive of death.

I'm sure you guys have some good ideas so lets hear 'em. I will gladly try and code up something good to share with you all.

It seems as though you jumped into this in mid thought.

You also seem to be talking about the Hak5 Switchblade, or some variant.

A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

Wow, I wish I would have known about that switchblade thing before I went and made my own..

What I did was use autorun.inf, a batch file, pstools, and some password dumping programs for an information gathering demonstration at school. But I would always have to click the autorun option when the dialog box appeared after inserting the USB device. :/

Wow, I wish I would have known about that switchblade thing before I went and made my own..

What I did was use autorun.inf, a batch file, pstools, and some password dumping programs for an information gathering demonstration at school. But I would always have to click the autorun option when the dialog box appeared after inserting the USB device. :/

Save yourself the effort and get a switchblade. Autorun has to be enabled on the target PC, but it works wonders. Aside from pentesting, I've used them in the past with clients who can't remember things like their own passwords. (Yes, some lusers are that stupid.)

Beakmyn's latest and greatest version is a pure joy to use. He was kind enough to upgrade mine at shmoocon. Thanks, beakmyn!

Radio Shack is selling 1Gb Sandisk U3's for $12.99. That's the perfect one for making a switchblade.

A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

I keep about 8 or so USB dongles one of my Shmoocon neckbands attached to my bag. 1 of them is the switchblade. A good SE trick is to pull the switchblade one out and have someone look for a file on it, because "I can never remember which one the file is on" and then when they don't find the file on it, give them the right one.

A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.